Hello,

we stumbled over a nasty regression when trying to upgrade some of our apps to the latest version of Tomcat 9 in connection with the @include directive. The issue seems to be only related to JSP files put underneath WEB-INF (for security reasons) and appeared first in 9.0.67. Or apps work perfectly in previous versions of Tomcat, some for 15 years, and up to Tomcat 9.0.65.

To provide some background, we use Tiles and Spring MVC or Struts to serve JSP content from underneath /WEB-INF. The basic structure is like this

WEB-INF
  |--tiles
     |--layout
        | mainTemplate.jsp
        | errorTemplate
        | (...)
        |--config
          configuration.jspf

In the template JSP file, the configuration.jspf file gets included statically into the templates via @import like this:

<%@include file="config/configuration.jspf" %>

Since 9.0.67, this does not work anymore, but ends up in a JasperException claiming the included file could not be found:

28-Sep-2022 16:42:39.237 SEVERE [http-nio-9000-exec-4] org.apache.catalina.core.ApplicationDispatcher.invoke Servlet.service() for servlet [jsp] threw exception
	org.apache.jasper.JasperException: /WEB-INF/tiles/layout/errorTemplate.jsp (Zeile: [14], Spalte: [1]) Datei [config/configuration.jspf] nicht gefunden
		at org.apache.jasper.compiler.DefaultErrorHandler.jspError(DefaultErrorHandler.java:41)
		at org.apache.jasper.compiler.ErrorDispatcher.dispatch(ErrorDispatcher.java:292)
		at org.apache.jasper.compiler.ErrorDispatcher.jspError(ErrorDispatcher.java:98)
		at org.apache.jasper.compiler.Parser.processIncludeDirective(Parser.java:349)
		at org.apache.jasper.compiler.Parser.parseIncludeDirective(Parser.java:384)
		at org.apache.jasper.compiler.Parser.parseDirective(Parser.java:485)
		at org.apache.jasper.compiler.Parser.parseFileDirectives(Parser.java:1802)
		at org.apache.jasper.compiler.Parser.parse(Parser.java:141)
		at org.apache.jasper.compiler.ParserController.doParse(ParserController.java:245)
		at org.apache.jasper.compiler.ParserController.parseDirectives(ParserController.java:128)
		at org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:202)
		at org.apache.jasper.compiler.Compiler.compile(Compiler.java:391)
		at org.apache.jasper.compiler.Compiler.compile(Compiler.java:367)
		at org.apache.jasper.compiler.Compiler.compile(Compiler.java:351)
		at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:605)
		at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:399)
		at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:379)
		at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:327)
		at javax.servlet.http.HttpServlet.service(HttpServlet.java:779)


The included file is there, though. If we move the file one directory up and remove the subdir reference from @include like this

<%@include file="configuration.jspf" %>

everything works again. So there seems to be a problem with the path resolution of sorts related to /WEB-INF, introduced by a change in 9.0.67. Unfortunately, this renders our apps incompatible with 9.0.67 currently, and we use that mechanism all over the place, the above is just a simplified example.

Note that the above behaviour seems to be restricted to files underneath WEB-INF only, subdir inclusions in the root dir seem to work ok. still.

It would be great if someone could have a look at this, I'm fairly sure this affects a larger crowd too.


Thank you,
-- Christian.